cert-manager icon indicating copy to clipboard operation
cert-manager copied to clipboard
verified publisher icon cert-manager

Remove conflicting labels from CRDs

Open gw0 opened this issue 2 years ago • 8 comments

Pull Request Motivation

  • Removes a conflict when deployed through ArgoCD that sets up its own app.kubernetes.io/instance label (https://github.com/argoproj/argo-cd/issues/6728). No need for workarounds like https://github.com/HariSekhon/Kubernetes-configs/blob/master/cert-manager/base/remove-instance-label.jsonpatch.yaml. If the app.kubernetes.io/instance label is set within the Helm chart then ArgoCD reports warnings like:
SharedResourceWarning 	CustomResourceDefinition/certificaterequests.cert-manager.io is part of applications cert-manager-production and cert-manager
  • This small tweak also makes CRDs valid Kubernetes manifests that are trivially to deploy (see https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack#from-46x-to-47x). But still allows them to be modified by your release process.

Kind

feature

Release Note

NONE

gw0 avatar Jun 29 '23 08:06 gw0

Hi @gw0. Thanks for your PR.

I'm waiting for a cert-manager member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

jetstack-bot avatar Jun 29 '23 08:06 jetstack-bot

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: gw0 Once this PR has been reviewed and has the lgtm label, please assign meyskens for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment Approvers can cancel approval by writing /approve cancel in a comment

jetstack-bot avatar Jun 29 '23 08:06 jetstack-bot

Issues go stale after 90d of inactivity. Mark the issue as fresh with /remove-lifecycle stale. Stale issues rot after an additional 30d of inactivity and eventually close. If this issue is safe to close now please do so with /close. Send feedback to jetstack. /lifecycle stale

jetstack-bot avatar Sep 27 '23 09:09 jetstack-bot

/remove-lifecycle stale

gw0 avatar Sep 28 '23 08:09 gw0

Issues go stale after 90d of inactivity. Mark the issue as fresh with /remove-lifecycle stale. Stale issues rot after an additional 30d of inactivity and eventually close. If this issue is safe to close now please do so with /close. Send feedback to jetstack. /lifecycle stale

jetstack-bot avatar Dec 27 '23 08:12 jetstack-bot

/remove-lifecycle stale

gw0 avatar Jan 04 '24 10:01 gw0

PR needs rebase.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

jetstack-bot avatar Feb 20 '24 15:02 jetstack-bot

Issues go stale after 90d of inactivity. Mark the issue as fresh with /remove-lifecycle stale. Stale issues rot after an additional 30d of inactivity and eventually close. If this issue is safe to close now please do so with /close. /lifecycle stale

cert-manager-bot avatar May 20 '24 16:05 cert-manager-bot

Stale issues rot after 30d of inactivity. Mark the issue as fresh with /remove-lifecycle rotten. Rotten issues close after an additional 30d of inactivity. If this issue is safe to close now please do so with /close. /lifecycle rotten /remove-lifecycle stale

cert-manager-bot avatar Jul 18 '24 16:07 cert-manager-bot

Rotten issues close after 30d of inactivity. Reopen the issue with /reopen. Mark the issue as fresh with /remove-lifecycle rotten. /close

cert-manager-bot avatar Aug 17 '24 16:08 cert-manager-bot

@cert-manager-bot: Closed this PR.

In response to this:

Rotten issues close after 30d of inactivity. Reopen the issue with /reopen. Mark the issue as fresh with /remove-lifecycle rotten. /close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

cert-manager-prow[bot] avatar Aug 17 '24 16:08 cert-manager-prow[bot]

Can this be re-opened? This is still an issue for us.

We are using argocd and using the option to install the CRD's in the values file which works well. It's just we are getting this same issue because of the conflicting annotation since argocd project and app of apps is managing it also so the label for app.kubernetes.io/instance is conflicting.

We cannot use kubectl patch for this since it doesn't support custom resources in the cmd line. We can however do a post install edit of each resource and remove the line for the label and then tell argocd to ignore the differences on those files with

 ignoreDifferences:
    - group: '*'
      kind: CustomResourceDefinition
      jsonPointers:
        - /metadata/labels/app.kubernetes.io~1instance

It would be great if we didn't have to do this. Any suggestions here.

collinhayden avatar Sep 11 '24 00:09 collinhayden